Systems and methods for secure storage of user information in a user profile

ABSTRACT

Systems and methods are provided for securely storing information of a user in a user profile to prevent access to the information and minimize the amount of information disclosed during a security breach. Information pertaining to a user is obtained from one or more sources and organized into a user profile and securely stored in a database. The user profile can be stored remotely in a cloud-based system at a remote encrypted server, with portions of the profile stored in separate locations with separate encryption to minimize the risk of unauthorized access to one portion of the information. The fields of data in the user profile can also be separately encrypted with separate encryption keys and separately stored in separate databases to minimize the amount of information which could be disclosed by the unauthorized access to a single encryption key or a single database.

BACKGROUND

1. Field of the Invention

Various embodiments described herein relate generally to the field of electronic management of information, and more particularly to secure storage and protection of user information in a user profile.

2. Related Art

The vision of a paperless modern society is quickly becoming a reality, as more and more communications, services and transactions take place digitally across networks such as the Internet. The need for paper copies of correspondence, financial documents, receipts, contracts and other legal instruments is dwindling as electronic methods for securely transmitting, updating and accessing these documents increases. In addition to the electronic transmission and access to documents and correspondence, the process of electronically submitting information is also commonplace, such as with online shopping or applications for loans, credit cards, health insurance, college or job applications, etc.

However, much of the information required in these forms is common to other forms, and yet users manually repeat populating the form inputs with the same information over and over again. The ability to collect, organize, update, utilize and reapply the input information required in these electronic documents, forms and applications remains highly difficult. While some applications have been developed to store certain basic information about a user—such as the user's name, address and financial information—the ability to organize, access and apply this stored information for additional online activities remains very limited, especially when detailed input information and/or computations are required to complete forms such as college applications and family law declarations.

There are several programs or applications that allow a user to track financial information, budget, forecast, balance spending accounts, etc. While these tools can save time and provide effective tools for budgeting etc., they do not address the numerous circumstances in which a user is required to provide personal information, financial information, forecasts, categorized expenditures, etc., in a specific format or in accordance with specific forms, etc.

For example, when someone gets divorced, they must provide the court with detailed personal and financial information, both of past records as well as projected needs. This information has to be provided in a very specific state-mandated format using a specific form and it must be updated and submitted to the court at various points during the divorce process, which may last over a long period of time. For example, FIG. 1 illustrates one page of an Income and Expense Declaration that both petitioner and respondent must fill out in a California divorce proceeding. The amount and complexity of the information needed for a form such as this typically requires the person completing the form—such as the party to the divorce or an attorney—to spend a significant amount of time obtaining all of the needed information and even performing calculations of information to obtain the desired values. As another example, when a user wishes to get a loan, such as a car loan or mortgage, the organization providing the loan will often require the user to provide and update certain financial records and information organized in a certain format.

Even well-organized, financially savvy users using currently available personal financial software tools find completing and updating these forms to be burdensome, time-consuming, confusing, and susceptible to mistake. The applicable forms and other applicable items require much more than basic financial information. Additionally, there is a significant need to accurately complete these forms, as the forms can obviously have a significant impact on whether the applicant qualifies for financial aid, a loan, etc., or receives a favorable outcome in a divorce or other legal proceeding.

These same challenges apply to other critical life events, such as applying to, and/or paying for college. The college application process is a high anxiety time for students and very often, their parents. There is a lot of detailed information required to complete college and financial aid applications, including but not limited to essays, transcripts, letters of recommendation, activities, photos, etc. Also, college applications and financial aid opportunities have many different deadlines. It is very difficult to stay organized and keep on top of all the information, deadlines and applications submitted.

SUMMARY

Disclosed herein are systems and methods for securely storing information of a user in a user profile to prevent access to the information and minimize the amount of information disclosed during a security breach. Information pertaining to a user is obtained from one or more sources through electronic means, and the information is then classified into specific categories using field mapping and other techniques, after which it is organized into a user profile and securely stored in a database. The information that is collected and organized may include (but is not limited to) identification and contact information, financial information, health information, education and career information, family information, business information, lifestyle information, and historical information for any of the listed categories. The user profile may be encrypted and stored remotely in a cloud-based system at a remote server, with portions of the profile stored in separate locations with separate encryption to minimize the risk of unauthorized access to one portion of the information. The fields of data in the user profile may also be separately encrypted with separate encryption keys and separately stored in separate data stores, databases, or in separate database tables, to minimize the amount of information which could be disclosed by the unauthorized access to a single encryption key or a single database, or database table.

In one aspect of the invention, a system for securely storing user information from a user profile comprises: a profile creation unit which creates a user profile of user information including a plurality of fields and a plurality of values for the plurality of fields; wherein the information in the user profile is separated into sections; and wherein the sections are separately stored in separate data stores, databases, or database tables.

In another aspect of the invention, a method of securely storing user information from a user profile comprises the steps of: creating a user profile of user information including a plurality of fields and a plurality of values for the plurality of fields; separating the information in the user profile into separate sections; and storing the separate sections in separate data stores, databases or database tables.

Other features and advantages should become apparent from the following description of the preferred embodiments, taken in conjunction with the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

Various embodiments disclosed herein are described in detail with reference to the following figures. The drawings are provided for purposes of illustration only and merely depict typical or exemplary embodiments. These drawings are provided to facilitate the reader's understanding and shall not be considered limiting of the breadth, scope, or applicability of the embodiments. It should be noted that for clarity and ease of illustration these drawings are not necessarily made to scale.

FIG. 1 is an image of an Income and Expense Declaration form used in a divorce proceeding.

FIG. 2 is a block diagram illustrating a system for obtaining, classifying and populating personal information on electronic forms, according to one embodiment.

FIG. 3 is a diagram further illustrating the system for obtaining, classifying and populating personal information on electronic forms, according to one embodiment.

FIG. 4 is an illustration of the system involved in prepopulating fields of a document, according to one embodiment.

FIG. 5 is a screen shot of a graphical user interface illustrating a browser extension for implementing the inventive system, according to one embodiment.

FIG. 6 is an image of a database table listing field identifying numbers, field names and field values, according to one embodiment.

FIG. 7 is an image of a database table of forms which are stored in the system for automatic completion, according to one embodiment.

FIG. 8 is an image of a database table which lists field names and field values on each form document stored in the system, according to one embodiment.

FIG. 9A is a screen shot of a graphical user interface illustrating a web interface for selecting a category of a document for prepopulating user information, according to one embodiment.

FIG. 9B is a screen shot of a graphical user interface illustrating a web interface for selecting a specific document for prepopulating user information, according to one embodiment.

FIG. 10A illustrates a graphical user interface of a form with a unique field name that can be automatically identified, stored in the system database, according to one embodiment.

FIG. 10B illustrates a graphical user interface of the form of FIG. 10A with a value of the unique field stored in the system database populated into the field, according to one embodiment.

FIG. 11 is an image of a database table which stores a field identifier, field name and field value for the unique field in the form illustrated in FIGS. 10A and 10B, according to one embodiment.

FIG. 12 is a flow chart illustrating a method of obtaining, classifying and populating personal information onto an electronic form, according to one embodiment.

FIG. 13 is a block diagram that illustrates an embodiment of a computer/server system upon which an embodiment of the inventive methodology may be implemented.

The various embodiments mentioned above are described in further detail with reference to the aforementioned figured and the following detailed description of exemplary embodiments.

DETAILED DESCRIPTION

The embodiments described herein provide for the collection, organization and use of information for automatically completing, updating and submitting complex electronic documents and online forms, such as: online shopping checkout forms; applications for loans, credit cards, health insurance, college or jobs; government-mandated documents required for legal proceedings (such as divorce or bankruptcy); and forms required for or by businesses and business owners. Information is obtained from a plurality of different sources and classified through field mapping and other information classification techniques to build an organized database of information related to a user known as an information vault. The information is securely stored via encryption and disassociation techniques in one or more user data stores or databases to ensure the security of the information. A forms database is utilized for storing electronic forms and documents as well as the field information needed to complete the form or document. The user can access their information to automatically populate the fields of an online form or an electronic document by selecting a document from the forms database or by utilizing a browser plug-in to populate an online form being displayed in a web browser. The system may also be integrated with third party services and websites to populate information on the third party site via secure connections to the user databases, while allowing the user to retain the information in our highly secure database.

The techniques described herein provide for the ability to quickly and accurately complete, update and submit any type of form on any type of computing device, as the user database builds a profile of the user that includes, for example, identification information, financial information, health information, contact information and historical user information that is classified with high accuracy to ensure that a form is populated with the correct information. The user retains full control of any downloading, transmission, editing or deleting of their information and only needs to enter and verify their information once rather than repeat the same process over and over again.

The systems and methods described herein may be utilized by individuals, groups, entities, governments or businesses for various types of information collection, management and entry. Individual users may populate online forms on their desktop, tablet, smartphone, etc., and be able to instantly complete the form. In one embodiment, the system may be offered as a mobile application running on a smartphone, tablet or other portable electronic device that would enable a user to complete forms or other documents. With the difficulty of inputting information using small display screens and touchscreen devices, the ability to easily populate information with a portable electronic device is particularly advantageous. Businesses may organize and store information to complete forms such as human resource forms, building permit forms, elevator license forms in various jurisdictions, etc. Although the examples provided herein relate primarily to the use of the systems and methods for individual users, the benefits and applications also extend to groups of users, entities, governments or businesses of any size and type.

This solution is unique because once users enter their information once, the information is stored in their information vault, after which they can use it forever for supplying information or completing any forms that require the same repeat information. Non-limiting examples include new patient forms for health care, college admissions applications, scholarship applications, financial aid applications, loan applications, medical questionnaires, job applications, insurance forms, legal declaration or proceeding documents, government benefit or service requests, personal health records, ecommerce checkout forms, membership applications, etc.

FIG. 2 illustrates one embodiment of a system 100 for obtaining, classifying and populating information onto electronic forms, in accordance with one embodiment of the invention. Information is obtained from one or more information sources 102 a-c, such as existing forms 102 a, third party application interfaces 102 b or manual user entry 102 c. The information is then transmitted to a communications interface 104, where it is then classified by a server 106 and stored in one or more data storage devices, location, or systems data stores 108 as a user profile of the user's information. The communications interface 104 can be in a local area network (LAN) with the information sources 102 or at a remote location from the information sources 102 through connection via the Internet or other wide area network (WAN). The communications interface 104 will also include one or more information processing units within the server 106 to process the collected information, including a classification unit 106 a, which classifies the information to identify fields applicable to the information and values for the fields; a profile creation unit 106 b, which creates a user profile with the classified information; and an information populating unit 106 c, which populates at least one form field of an electronic form or database by matching the at least one form field with the classified information. A field comparison unit 106 d and a user activity collection unit 106 e 104 can also be included, the functions of which will be described further below. Any of the aforementioned units 104 can be located within separate servers or within a single server, depending on the design of the overall system. The user, through any type of device 110 a-c, can then request that one or more forms 112 be completed using the information in their profile. Any type of device can be used by the user, including a laptop computer 110 a, desktop computer 110 b, or a portable electronic device 110 c such as a tablet or smartphone.

The user can interact with the communications interface 104 through the device 110 to complete one or more forms 112 a-c, such as an image viewer 112 a, a form displayed in an internet-browser application 112 b, or a form displayed via an application 112 c running on the portable electronic device 110 c. Forms can also be displayed directly in a browser window via HTML5-CSS3 or via an application 112 c interfacing with the server 106, or through one or more graphical user interfaces (GUIs) 114 produced by the server 106 that are displayed on the device 110 c. As demonstrated herein, the forms can be populated directly on the user's device, through a browser extension, add-on browser application, or via an application programming interface (API) interacting with a third party service or application.

FIG. 3 is an illustration of a system diagram illustrating the security protocol of one configuration of the system. Users 116 can access the system via the various devices 110 described above, which are connected with the communications interface 104 via the Internet 118. Multiple types, locations, devices, servers, etc. can be used separated between various firewalls for increased protection of the user profile information to ensure privacy and security. Users can initially be presented with a GUI showing basic information that is considered the public-facing home site 104 a of the communication interface 104, which is also protected by an initial firewall 120 a. The initial firewall 120 a can provide overall security for the system and allow access to the user interface and experience level (UI/UX) 104 b of the interface. The UI/UX 104 b includes a web and interface server 106 f connected with a forms and applications output data store 108 a. A second firewall 120 b can protect a third section of the communications interface known as the data access layer 104 c. The data access layer 104 c can include business level logic application servers 106 g connected with a data store server 106 h, which can be configured to manage a secure client data element and historical archives data store 108 b and a mapped input forms data store 108 c. Separate ID and authentication servers 106 i can also be enclosed within the data access layer 104 c, which are connected with an identification data store server 106 j, which can manage a secure client ID element data store 108 d.

FIG. 4 illustrates one embodiment of the steps of populating fields 402 of a form 404 by accessing information stored in the secure client ID element data store 108 d and the secure client data element data store 108 b through data store management software such as the information populating unit 106 c where a separate client identification data store and client information data store are used to obtain the information needed to populate an electronic form.

Details of the systems and methods are provided further herein with regard to the specific components and features.

I. Collecting Information and Forms

Information can be obtained from multiple different sources and in multiple different formats in order to obtain a complete set of information for a user. For example, the user information can be obtained by having the user complete a “master form” specifically designed to collect information that many of the forms require in a variety of categories (i.e., loan applications, online shopping, college applications, divorce proceedings, etc.). The user information can also be collected from existing electronic or non-electronic records, such as financial institution databases, electronic health records, third party information aggregation services (such as Mint.com®), or by the user following simple instructions in the system's web-based user interface. The user may need to grant access to one or more of these existing electronic records so that the relevant information can be obtained, and the system can utilize specific Application Programming Interfaces (APIs) to communicate with the third party sites to obtain field and content information. For existing electronic records, it is likely that the information is already classified within, e.g., a database, with specific field names or identifications such that substantial additional classification of the information is not needed; however, due to the complexity of many of the forms such as divorce filings and financial schedules, the system is able to overlay additional computations and reorganize the classifications so that they match the required output of the forms. For non-electronic records, the user may be able to scan or take a picture of the non-electronic document and have the fields and field values extracted through various technologies such as image processing and content extraction software.

In one embodiment, the information can be obtained when a user manually completes an electronic form or document. For example, as illustrated in FIG. 5, if the user completes a form 112 b displayed on an internet-browser application, the application can include a browser extension 502 to allow for the form 112 b, fields 504 and content 506 of the fields to be captured, extracted, organized, classified and uploaded to the user's database for future use on the same or other forms. The browser extension 502 can provide a popup menu 508 with a Copy Button 510 to copy fields to the user profile, as well as a Fill Fields Button 512 to populate data from the user profile to the form 112 b. The information can be extracted and populated even for a complete form that spans numerous pages. Blank forms and documents and other user information can also be directly uploaded to the system, where the form or document and its fields can be captured, mapped and stored as templates. For example, a credit card application form may be uploaded to the system and stored in the document library data store, with the form fields identified so they can be mapped to the corresponding user fields in the data store, either manually or using automatic mapping techniques.

Completed forms and documents can also be directly uploaded to the system, where the form or document, the fields and content of the fields can be captured and extracted. For example, a credit card statement or a mortgage statement can be uploaded to the system, where the fields and content in the fields can be extracted and stored in the user data store, although the document itself cannot be since it is not a form. However, if a credit card application or a mortgage application is uploaded the document itself may be extracted and stored in addition to the fields and content to help the user and other users fill out the forms in the future.

FIG. 6 illustrates one embodiment of a data store table 602 with the field information that is collected from a form that is input into the system. As information is sent from the form being worked on to the server, it gets stored in this table. When information is “pulled” from the server and applied to forms, it comes out of this table. The form can be a form such as that illustrated in FIG. 1 and can have been completed by the user such that the form fields have values already entered. As shown in FIG. 6, each field 604 on the form is provided a unique numerical identifier 606 (customerFieldDefaults_Id) to distinguish it from other fields. As shown in the right two columns, each field is also given a field name 608 (fieldName) and field value 610 (fieldValue). The field name may be the name encoded on the form itself which can be extracted from the form if it is on a website or an electronic form with field name metadata that has already identified the field name based on the programmer that created the original form. The field value (if available) will obviously correspond to the content of the field. The associations between field names and field values (known as name-value pairs) are important for classifying content and building the user profile.

FIG. 7 illustrates a document library table 702, which stores a list of documents 704 that are stored in the system. The documents each are provided a document identification 706 (document_id), document title 708, and path 710 to the document in an associated database. FIG. 8 illustrates a database table 802, which stores the field names 804 of each document in the document library table of FIG. 7. Note that there is an option to set a default value for each field. For example, this year's tax form may have a default filing year of 2013. The commonFieldName 806 is a human-readable version of fieldName 804 in the cases where fieldName is obscure or poorly named by the original form designer. commonFieldName 806 allows the system to quickly match the field with field names found in a typical customer's vault. The commonFieldName 806 provides for more reliable and deterministic mapping of fields with field names found in a user profile.

Unique field names and values are stored and organized in the system for future use. FIGS. 10A and 10B are illustrations of an online form 1002 with a unique billing code field 1004 in the “Billing” section 1006, which requires the field value to be a unique 33 digit code. If the user has not previously entered the code into the system (which is unlikely given that it is a unique code for a particular form), the user will be required to manually enter the field value 1008 in the field 1004 when completing the form 1002 for the first time, as shown in FIG. 10B. The system will pull the information on the field 1004 (and the value 1008 entered by the user in that field) into the system and list those in a database table 1100, as illustrated by the table in FIG. 11. As shown in FIG. 11, there are two entries created for this field, as one corresponds to the field name 1102 (digit) and one corresponds to the field value 1104 (the 33 digit number). In one embodiment, an additional line entry (not shown) is created to associate the radio button next to the field with the field and the field value. This will be useful when the form is being populated in the future, as the system will know to activate/select the radio button when filling in the field value.

In another embodiment, third party services and websites can provide information about forms and documents hosted on their own sites for storage on the system, such as the field names and other document or form-identifying information. Thus, if the user is using the third party service and needs to complete a form or document of the third party service, the user can request that the third party service obtain the user's information from the user data store for populating into the form or document at the third party site. The third party service can then maintain their customized form or document on their website or application, and the user can ensure that the content populated into the form or document accurately corresponds to the content needed for each field since the third-party service provided the field information to the system. Additionally, users are provided with additional security of the information, as the information is stored on the system data store rather than the third party service's data store, reducing the chance that the information could be stolen from the third party service or site.

In another embodiment, the third-party service can integrate the embodied system within their website or application so that information stored in the application or at a third-party server is shared with the system and used to complete forms and other documents. Similarly, the integration can provide for sharing of the user's information with the third-party site or application for completion of forms or documents at the third-party site.

Other sources of information may be used or envisioned, as would be apparent to one of skill in the art. As will be described further below, the information sources are used to build a profile of each user by collecting information of the user from the various sources and compiling the information into an organized list of information that can be used to populate fields or supplement information of any type and on any form.

II. Organizing and Storing Information

The information obtained from the various information sources discussed above is used to build a user profile of an individual user, which ideally includes comprehensive information on the user's finances, contact information, health information and historical information. The user profile can include the user's name, birth date, age, current and past addresses, phone numbers, e-mail addresses, social security or government identification number, employment information (current and historical), salary, height, weight, race, bank account numbers, account balances, user names, passwords, education information, health risks, allergies, medications, etc. This list is by no means comprehensive. The user profile can also include information not directly related to the user, such as a name and phone number of an emergency contact person, family names and relationships, service provider contact information and notes, business contact information, business prospects, CRM, etc. The user profile can also store other metadata selected to the information or date to be stored.

Access to the system can be provided by an application interface through software running on a computing device such as a desktop or laptop, or through an application running on a portable electronic device such as a tablet or smartphone. Additionally, the system can be accessible over a web-based application interface, where all of the user's information is securely stored, e.g., in a secure server facility in a cloud-based network.

In one embodiment, the information can be stored in at least two or three separate data store locations that are purposely decoupled in order to provide enhanced security by minimizing the risk of hacking into one of the data store locations. The data store can be divided into a document library data store, which, e.g., stores form and document templates, field information and other form properties; a customer personal vault data store, which, e.g., stores the information that includes the fields and field values for each specific user; a user identity data store which, e.g., Stores information relating to the user's identity (separately from other information for security reasons) and a customer orders and completed documents data store that stores previously-completed forms in terms of the fields and values that were completed.

As will be described immediately below, the information will likely be classified into distinct categories so that it can be accurately populated or supplemented into an appropriate field of a form. Furthermore, as will also be described below, the potential risk of theft of such a wealth of personal information is mitigated by specialized proprietary encryption and storage techniques to prevent the information from being stolen or from being useful even if it is stolen.

Field Mapping

Identifying which information belongs in which fields within a form is one of the most difficult challenges for populating forms. While many information fields contain names that easily and readily identify the value that belongs in that particular field, some names are ambiguously named, some fields have slightly differing names between different forms, some fields have identical names within the same document, and some fields have multiple values associated with the same field.

There are at least three primary circumstances where information needs to be filled in that drive the following field mapping techniques. In a first circumstance, a document library stores standard document templates that can be copied into a user's workspace and filled in on-demand. The document library would in this case store the document's fillable fields and possible default values in a “Fields” table. In a second circumstance, fields and values unique to each user are applied and mapped to blank documents. This set of unique user information will grow over time into a large vault of information. In a third circumstance, actual fields and values assigned to a document are filled in and saved by the user, such that the values are locked to a completed document. Some techniques for solving these problems are addressed below.

A first solution involves scanning the fields of a document and making associations and inferences as to a “best-fit” field name. In one embodiment, this is completed by utilizing the “for” attribute of a website field code that associates form labels with a field box on the page. For example, a field box with the ambiguous name “box00455x” may be encoded as “label for=”firstname,” so that we can associate the obscure name and the field with the label for “first name.”

For a situation where there are multiple fields in a document or form with the same or similar field names, the section of the document in which each field appears can be used to identify whether the values for each field should be different. The system data store can therefore store a “field section” entry as a category in the data store for each field, so that fields with the same name can be disambiguated based on which section they are in.

In some cases, a field name may be completely random and provide no indication as to how it maps to another field or a particular field value. The field names may be coded for another system that reads the specific codes with a computer and a specialized numerical or letter key code. For example, a “First Name” field may be named “fn0045586.” For PDF documents stored in the document library, an additional “helper” attribute can be added to the field record called “commonFieldName.” When the document is inputted, the poorly named field can be manually translated to something that is easily mapped. For this “First Name” example, the system can record the FieldName record as “fn0045586” and the “commonFieldName” as “First Name.” When a user selects this document, our smart technology will recognize the commonFieldName and easily map that to one of the user's field names that best matches “First Name.”

In a situation where a user has multiple values associated with the same field name, the system can be configured to provide a drop-down menu or other selection method where the user can select which value to input into the particular field. In an alternative embodiment, the field is populated with the most recently-used value or the most frequently-used value.

In another embodiment, different forms can have different ways to refer to the same user field name. A document can name a field one way while another document names the same field another way. For example, a first document can have a field named “First Name,” while a second document may have a field named “fname,” and yet a third document has a field named “firstname”—all of which are referring to the same field and should contain the same value or content. To enable this association, a user FieldDefaults table in the system data store is provided with a “userFieldCollections” record that lists the various field names that are synonymous.

For example, over time there will be multiple fields stored in data store each containing the same value. For example, assume each of these 3 “first name” fields will all have the value “Arthur.” A background process executed by the field comparison unit 106 d of FIG. 2 can periodically scan the data store for other fields with values of “Arthur” and identify those fields within the “userFieldCollections” table as duplicates. This table captures the various field names that are synonymous based on their common content. When any one of these fields is encountered in subsequent forms, the appropriate value of “Arthur” is used.

In a second approach, the system can pre-set the “userFieldCollections” table with commonly-grouped field values. For example, “firstname” and “First Name” are stored into the table when the field called “firstname” is initially encountered. When a subsequent field called “First Name” in encountered, its value would have already been stored and easily located through the “userFieldCollections” table.

In one example, a problem occurs when there are commonly labeled field names, for example a field name labeled “myFirstName” and another field (likely in a different form) labeled “customerFirstName.” Since these field names clearly correspond to the same information (a user's first name), in order to map “myFirstName” to “customerFirstName,” a machine learning classification library can be applied to learn from existing mapped fields from other users and then assign a recommended mapping between a user's field and a document's field.

Identity Disassociation

In order to protect the user's information from potential theft and misuse, the system disassociates a user's identifiable information from their other information. For example, the user's name, social security number, birthday, employer identification, etc. is stored in a separate data store from the user's other information, such as their credit card number, bank accounts, education, grades, etc. The identifiable information is additionally stored without any logical connection to other identifiable information of the same user, such that each identity information field is effectively stored on its own island within the data store. Each item of user information can furthermore be encrypted individually and then stored in a table anonymously with other information, without any indexing, organization or grouping of the table, so that the table is unable to provide any useful information about a user on its own.

The encrypted information can only be decrypted with a key, and optionally in some cases, the key is individually generated for each separate item of information so that the key cannot be misused to unlock other items. The key is stored in a separate data store and can only be obtained when a user logs in with the correct password. Thus, by disassociating the information that makes up the user's identity, it is impossible to determine enough of a user's information to effectuate identity theft simply from accessing the database and the tables listed therein.

As an example, a user's social security number (SSN) stored on its own and apart from other information (such as the user's name) is not useful for perpetuating identity theft. Given that the SSN is further encrypted into an unrecognizable series of letters and numbers, the system provides two highly-secure methods of protecting the information stored in the data store. In one embodiment, three separate data store locations are used to obtain information, and each location can be connected to the network using a separate server, which can be behind a separate firewall. A first data store can be configured to store the user's username and password. If successful in entering the username and password, a secret key is generated, which will then be supplied to a second location, which is solely used to store secret keys for each user. A third location can maintain the actual information and must be unlocked with the secret key from the second location in order to be read through an encrypted mapping to re-associate the islands of information.

Automatic User Profile Updates

This type of disassociation, i.e., breaking up of the date into multiple pieces can, as described above, occur for each piece of invention as well. In other words, each piece of information can be broken into sub pieces, each separately encrypted with a unique and/or stored in separate locations, without logical connections to other sub pieces. The system can be configured, in one embodiment, to automatically classify and store any inputted information into the user's profile without requiring a specific indication from the user. Additionally, as user information will continue to be obtained during the user's normal activities, newly-input information will either act to update existing information or be added to a list of values for the same information field that the user can then select from when populating a form.

The user's information can be stored in its own data store location known as the personal information vault, and therein within a table called “customerFieldDefaults.” The customerFieldDefaults table will usually contain the most current information for the user.

Deriving User Information

In one embodiment, existing user profile data can be analyzed to derive additional related information. The additional related information can be derived by performing comparisons or calculations of existing data, such as by analyzing financial data to determine a budget of regular income and expenses. In addition, the additional related information can be derived from external sources in order to provide the user with a more complete picture of certain aspects of their profile. For example, if a user enters a list of assets into their user profile that includes a vehicle year, make and model, the system can obtain an estimated value for the vehicle from an external data store or third party service. In another example, if the user enters the title of a collectable piece of artwork, the system can obtain additional information on the art, such as the artist, year produced and an estimated value. This information could be used to fill out an insurance application or a claim for the item in the event of a loss.

Analyzing User Information

In one embodiment, the user activity collection unit 106 e of FIG. 2 monitors user activity (such as information inputs, forms filled, etc.) when using the system and generates, collects and stores predetermined descriptive codes, based on their activity and information, into a separate data store locations. The codes may correspond to a user's current life status, demographic profile, preferences, financial balances, and other parameters that are associated with a user's account, but do not collect, disclose, or compromise their specific information. These codes can subsequently be used to determine targeted marketing and other strategies for that user for promoting third-party product and service offerings, which effectively better target their needs and desires for those products or services. The codes can also be provided with a confidence value relating to the likelihood that the code applies to the user based on factors relating to the type of form, the use of other related forms, etc.

For example, a user completing a college application can generate a code that relates to the likelihood that the user is about to enter college, which will then provide opportunities to market college-related products or services to the user. If the user completes a college application and a financial aid application, the confidence value relating to the code indicating that the user is about to enter college may jump higher. This can be used to present an advertisement to the user within the graphical user interface that is targeted to their life status, such as an ad for a college.

Archiving of Populated Information

Each time the user populates information into a form, the system can save a reference to the final version of the form within a specific data store location table known as the customerFieldContent. Specifically, the form in its entirety is not stored at a single data store location. Rather, a reference to the form or a record locator is stored. The information stored in the form can be locked and will not be updated as other user information is updated, unless the user specifically accesses the previously-completed form, edits the form itself and creates a new version. The stored completed forms can be time and date stamped, to create a complete archive of the user's activities within the system.

Shared Family Information and Group Plan/Company Plan Information

In one embodiment, the user's information can be shared with other related parties that would like portions of their profiles to be shared. For example, spouses, children, parents, brothers and sisters and other family members can share similar information, such as addresses, telephone numbers, family history, etc. that will also be universally updated if one of the items is changed. This will provide convenience in avoiding entering repetitive information among family members and allow for global updates to shared information and allow family members to collaborate on an application, such as the FAFSA (Free Application for Federal Student Aid). The FAFSA application has certain sections for the Student to complete and other sections that Parents are required to complete. Another example is children applying for college can access shared family information that another sibling has already input into that sibling's user profile, such as addresses, parents' names, occupations, etc. Furthermore, if a family moves, an update to the home address by one family member can be updated or offered for updating across the other family members in the same group who also had an identical home address previously listed. Similarly, various employees of a company could collaborate in order to complete the company's government or other filings or reports; in another example, a database of health records for one generation of a family could be transferred to a second generation to provide information to the second generation about potential genetic health information.

To effectuate the family or company sharing option, information from each family/company member could be stored in a separate vault of the database, and the database would then form links between common information among the family/company members so that each member can maintain the privacy of their separate information.

III. Populating Electronic Forms

Selection of Stored Forms

When the user is ready to complete a form or document, the user can select one of several methods. If the form or document is stored in the forms database at the system server, the user can select the form from a list of document categories 902 or specific documents 904, as illustrated in the attached graphical user interface of a web-based application interface 900 in FIGS. 9A and 9B. In addition, the user can be able to search for the form using a search tool or browse through the categories 902 to find the form based on the type of form (financial, academic, health care, etc.).

Application Extension

In one embodiment, an application extension is provided for quick access to populate a form being viewed in an application window, as shown in the attached illustration of a graphical user interface of a browser extension drop-down menu in FIG. 5. The extension can be displayed as an icon, menu item, supplement or otherwise in the application menus or elsewhere, and upon selection of the icon, a window opens with options to populate information from the user's profile to the fields displayed in the application window. The application can be an Internet browser, a word processor, image viewer, spreadsheet or presentation software, although these examples, as all examples and embodiments herein, are not limited hereto.

In another embodiment, as discussed in Section I, above, an application extension can also be used to extract information from or supplement a form, document or webpage being displayed in an application window. This extracted information can be uploaded to the user's personal information database.

In another embodiment, an application extension can also be used to display, and allow for modification of, user stored contact, CRM and/or contact related information related to form-fields recognized by the system while viewing a third party website such as on LinkedIn™, Facebook™ or Zillow™ websites. In one example of this embodiment, a user is shown a pop-up or drop-down window while viewing one of their LinkedIn™ contacts which allows them to view, modify, or directly add unique and private information about that particular contact back into their personal user database, without necessarily sharing that information with LinkedIn™ or the other users of LinkedIn™. Essentially, the user is augmenting the LinkedIn information with the user's personal notes on that contact, and securely storing that information for personal use in their information database. In another example, a user defined as operating a real-estate business is shown a pop-up or drop-down window while viewing a specific listing on Zillow.com™ which allows them to view, modify, or directly add unique and private information about that particular property back into their personal user database. This allows the real-estate business user to collect useful business information (e.g., the list of clients shown a particular property, listing details, showing schedules, etc.) which can enable them to be more effective in their business.

Third-Party Application Integration

A third-party service provider can also incorporate access to the system into their own application, such as a web-based application or a mobile application running on a portable electronic device. For example, a website run by an academic institution can integrate access to the system into their application for applying for admission, such that upon loading the admissions application, the user can log in and then access their information to populate the admissions application directly through the website. In addition, an internet shopping website can integrate access to the system database so that when the user is ready to check out and purchase goods or services from the website, a button, link or authentication dialogue will be available for the user to select and then populate their information onto a payment screen.

The integration with the third-party application can provide additional security to the user, as it can be configured so that the third-party service provider cannot view or store the user's information, and instead only requests it from the system database at checkout and then deletes it once the transaction is complete.

The applications can be offered as standalone products or as web-based products and services. In one embodiment, the application can be offered as a portable document format (PDF) filler application, where the application operates to populate information in a PDF document. The PDF filler can be a web-based application or integrated as a browser extension, as has been previously discussed. The application can also be offered as a web-based form filler that is designed to complete forms and documents found online. Additionally, the system can be offered as a mobile application running on a smartphone, tablet or other portable electronic device that would enable a user to complete forms or other documents. With the difficulty of inputting information using small display screens and touchscreen devices, the ability to easily populate information with a portable electronic device is particularly advantageous. For example, users who are using their mobile device to make a purchase often find it difficult to enter all of their contact information and payment information on a small screen (in addition to having to remember it). The ability to instantly complete these ecommerce form fields will be particularly advantageous to the mobile user. In another example, a user visiting an urgent care or emergency room facility can be required to fill out several forms, and could instead be provided with a website to access the forms and utilize the inventive systems to populate the form fields and submit the form online. The mobile-based applications can be standalone or integrated into other mobile applications or native device applications. For example, in one embodiment, the system can be integrated with the camera of a portable electronic device, such that a user can take a picture of a blank form or document and utilize the system to populate the form fields before transmitting the completed document.

In another embodiment, a third party application can integrate with the system and the user profile to provide a partial or complete transfer of user profile data from the system to a third party user profile without requiring the user to view a form with the fields in the third party user profile. For example, a user who signs up for a third party service such as a social media service or an ecommerce service can be asked to complete a user profile simply by requesting that their user profile generated on the system be transferred to the third party application and corresponding server and database. The user can only need to select an option to instantly transfer all of their user profile information to the third party user profile without needing to view the web-based form corresponding to the user profile. The instant transfer can be completed by having the third party application send a list of field names to the server, which will then access the database tables to identify the value or values corresponding to the matching field names stored in the user profile. The matching field values will then be transferred back to the third party application server and database to complete the third party user profile.

Additional methods of transferring select user profile information automatically to another form, database, device or destination can be provided, and would eliminate the need for the user to manually review the form fields and content as it is being filled in or transferred to another location.

Form Completion Indicator

In one embodiment, the user can be provided with a form completion indicator which indicates how much of a form can be filled from the information in the user profile. The form completion indicator can be displayed alongside a list of possible forms that the user is selecting from, so that the user can determine which form is easiest to populate based on the form completion indicator. The indicator can be a symbol, color or even just a numerical value indicating the percentage of fields in the form which will be filled in from information stored in the user profile. The form completion indicator will be updated in real time and help the user select a form from the forms database or an online web form which is easiest to automatically populate and has few manual entries. The completion indicator can also provide the user with an indication of how much of a given category has been mapped or how much work is required to complete the unfilled fields.

Manual Input Interface

Although the system will populate any field for which it has information, certain fields can have no values or can have multiple values, in which case the field will not be automatically filled. In this situation, the user must take some action in order to populate the field. One embodiment for populating the form fields can be aided by voice, touch, gestures or an input device—or a combination of any of the three. The voice and touch input eliminates the need for any manual typing of any information being input into a form. Voice input can be utilized through a microphone on the computing device, while the touch and gesture inputs can be made through a touchscreen, touchpad, image capture device or motion capture device. The input device includes a mouse, stylus or other peripheral device connected with the computing device which permits a selection to be made on the graphical user interface.

In one embodiment, manual input of a value for a field can be completed by displaying a separate window, such as a pop-up or drop-down menu, with options for values that the user can speak, touch or select with the input device. The interaction can include one or more separate input types, such as touching the field on a touch screen to generate the window and then speaking the name of the desired value from a list of field values. Form input fields can also display windows with tips or annotations associated with the system database to assist users in completing a form. In one embodiment, a touch input on the field will initiate an input via voice, while a “touch and hold” input will initiate the display of the separate window with multiple possible values.

The need for manual input will arise whenever the user profile lacks a value for a field, or even when the system is designed to select a best-fit value from multiple possible values based on one or more criteria. The user can be provided with the option to manually input a value in a particular field if no value exists or in order to override the automatically filled value. For example, a user can list multiple different allergies in their user profile (i.e. eggs, bees and cats) such that a form field labeled “food allergies” can be too specific for the system to determine which value of the listed allergies should be automatically input. The system can use data from previous user entries by other users to determine that “eggs” is the most likely candidate. However, the user will then be provided with the option to select the field to generate the separate window and then select from the list of allergies in order to correct the selection—for example by adding “bees” or “honey” to the list if the user is allergic to food products made by honey. If the user has no field values stored for the field name “allergy,” the user can be prompted to manually input a field value with a physical keyboard or touchscreen keyboard interface, through selecting a category to provide a list of options in one or more drill-down menus, or by simply speaking the desired value and letting voice recognition software interpret the voice command and input the appropriate value. The user can also be able to speak a partial keyword for the form field which will then display the separate window with possible values that include the partial keyword. A lookup algorithm can be provided to associate keywords with possible related values.

As previously discussed, one application for a touch and voice input would be the ability to touch a specific form field and then speak the value that should be input into the field. Alternatively, the user can first speak the name of the field if the system cannot identify the field name, which will cause the system to populate the value for the spoken field name from the user profile. If no field value exists for the field name, the user could also then speak the value for the field. If the value entered is a new value, the system will store the value in the user's profile for future use. In one example, a user filling out an automobile insurance claim and needing to enter a vehicle identification number (VIN) can be able to touch the field box labeled “VIN” and then state “VIN number” or a similar command, after which the system database will populate the field with the stored VIN number. In another embodiment, selecting a value to populate in one field can also populate values in related fields. For example, during an eCommerce checkout phase, an on-line merchant prompts the user to input a credit card by displaying a field with such name. The user touches the field on their mobile touch-device and speaks the word “Chase Visa” and the user's Chase Visa card number, name on that card, card expiration date, and card security code (CSV) are all filled into the associated fields on the checkout form. The advantage to the user is that they need not store any personal credit card numbers with any on-line merchants, yet can still experience a speedy and secure shopping checkout. In addition, as user credit cards expire and are replaced or updated, there is no need for the user to remember to visit each merchant site just to update card changes as those are all stored in one location and securely on the system database.

In another embodiment, if a field has multiple possible values, the user can be able to touch or speak the field name and then touch, speak or select with a mouse input one of the list of values that is displayed in a drop-down menu or the like. Similarly, if multiple fields have the same name but are in different sections of a form, the user can speak the name of the section and then the name of the field in order to select a value for the specific field desired. Additional functionality includes the ability to touch or speak a form field and then search for values using keywords.

In addition to gestures, touch and voice inputs, the manual input of field values can also be made through specific types of movements in a device configured with a gyroscope or accelerometer which can detect directional movement and velocity. In one embodiment, a user can be able to shake the device (such as a smartphone or tablet) in order to have the user interface find or populate certain fields. For example, the user can shake the device to populate a blank form, and a more specific gesture such as a vertical tilt will find a particular field name and provide the user with a window and several options for field values to populate into the field name (such as a credit card field name and a list of different credit cards which the user can select from for an electronic transaction).

In another embodiment, if an entire form, or if one or more fields in a form, have not been completely mapped and/or stored in the system, then the user can be able to touch or speak each unmapped field name and then touch or speak one of the list of categories, sub-categories, and specific category database fields to associate with this form field to the database field. The system can also collect and associate multiple user mappings of form fields to database fields using machine intelligence algorithms and then store the associated field mappings with the form into the forms database, thereby providing for an accurately mapped new form for use by all users of the system. This embodiment allows for system users to independently add, and map, new forms that are not currently in the system for the benefit of all system users. Additionally, it allows for system users to independently map web-form-fields to the database category fields for web-forms that have not yet had their fields mapped (associated) in the system for the benefit of all system users.

Storing Modifications

In one embodiment, if the user manually alters a field value for a particular field after the system has populated the field, the system will denote the changed value and store the newly-input value in the system database, preferably in the information vault of the user's profile. The user can therefore update their profiles automatically while changing the information being input into a form.

Methods and Applications

Although several applications for the systems and methods have been described above, the applications for the systems and methods should not be considered limited thereto. The systems and methods may be particularly applied for the completion of complex forms and documents which have a variety of form fields, require a significant amount of information or have similar or confusing names and field identifiers. College applications, loan applications, income and expense declarations for family law matters, health care forms and the many forms required for and by small business owners are potential applications that would provide significant improvements in time savings and accuracy of information (not to mention ease frustration or reduce redundancy) by use of the exemplary systems described herein.

One embodiment of a method of obtaining, classifying and populating electronic forms is illustrated by the flow diagram in FIG. 12. In a first step 202, the information is obtained from one or more sources of information, such as existing forms, third party APIs, etc. The information is then classified in step 204 to determine at least one field to which the information belongs to and to associate the information with the at least one field. The plurality of associated information is then aggregated into a user profile in step 206 and securely stored in one or more databases. When a user requests that a form be completed through one of the client interfaces, the information in the user profile is matched with the form fields on the form and the information is populated onto the form in step 208. In step 210, if the user manually enters values into any form fields, and these values are different from the user's information as currently stored in their secure database, then these new values will be saved into the user's secure database. The user's profile can be optionally updated to reflect the new value as being the default or primary value for the field.

IV. Computer-Implemented Embodiment

FIG. 13 is a block diagram that illustrates an embodiment of a computer/server system 1300 upon which an embodiment of the inventive methodology can be implemented. The system 1300 includes a computer/server platform 1301 including a processor 1302 and memory 1303 which operate to execute instructions, as known to one of skill in the art. The term computer-readable storage medium” as used herein refers to any tangible medium, such as a disk or semiconductor memory, that participates in providing instructions to processor 1302 for execution. Additionally, the computer platform 1301 receives input from a plurality of input devices 1304, such as a keyboard, mouse, touch device or verbal command. The computer platform 1301 can additionally be connected to a removable storage device 1305, such as a portable hard drive, optical media (CD or DVD), disk media or any other tangible medium from which a computer can read executable code. The computer platform can further be connected to network resources 1306 which connect to the Internet or other components of a local public or private network. The network resources 1306 can provide instructions and information to the computer platform from a remote location on a network 1307. The connections to the network resources 1306 can be via wireless protocols, such as the 802.11 standards, Bluetooth® or cellular protocols, or via physical transmission media, such as cables or fiber optics. The network resources can include storage devices for storing information and executable instructions at a location separate from the computer platform 1301. The computer interacts with a display 1308 to output information to a user, as well as to request additional instructions and input from the user. The display 1308 can therefore further act as an input device 1304 for interacting with a user.

While various embodiments have been described above, it should be understood that they have been presented by way of example only, and not of limitation. The breadth and scope should not be limited by any of the above-described exemplary embodiments. Where this document refers to technologies that would be apparent or known to one of ordinary skill in the art, such technologies encompass those apparent or known to the skilled artisan now or at any time in the future. In addition, the described embodiments are not restricted to the illustrated example architectures or configurations, but the desired features can be implemented using a variety of alternative architectures and configurations. As will become apparent to one of ordinary skill in the art after reading this document, the illustrated embodiments and their various alternatives can be implemented without confinement to the illustrated example. One of ordinary skill in the art would also understand how alternative functional, logical or physical partitioning and configurations could be utilized to implement the desired features of the described embodiments.

Furthermore, although items, elements or components can be described or claimed in the singular, the plural is contemplated to be within the scope thereof unless limitation to the singular is explicitly stated. The presence of broadening words and phrases such as “one or more,” “at least,” “but not limited to” or other like phrases in some instances shall not be read to mean that the narrower case is intended or required in instances where such broadening phrases can be absent. 

What is claimed is:
 1. A system for securely storing user information from a user profile, comprising: data storage comprising a plurality of storage locations; a profile creation unit configured to create the user profile comprising user information, the user information including user identifiable information and other information, to be stored in the data storage, wherein the user information includes a plurality of fields and a plurality of values corresponding to the plurality of fields; a logic application server configure to: dissociate the user profile from sections of a file that include other information, disassemble the user profile into a plurality of separate pieces of identity information; and individually encrypt each of the plurality of separate pieces of identity information comprising the user profile using a separate encryption key for each of the separate pieces of identity information; and a data storage server configured to distribute each of the plurality of individually encrypted pieces of identity information for separate storage among the plurality of storage locations.
 2. The system of claim 1, wherein each of at least some of the plurality of fields comprises a user identity, a user financial information, a user password, a user address, and a user identification number.
 3. The system of claim 1, wherein: at least some of the plurality of sections comprising the user information include the plurality of values comprising the user information; and at least some of the plurality of sections comprise the corresponding fields comprising the user information.
 4. The system of claim 1, wherein: at least some of the plurality of sections comprising the user information include at least some of the plurality of values and at least some of the plurality of fields corresponding to the plurality of values.
 5. The system of claim 1, wherein at least some of the plurality of fields comprising the user information are identified based on information obtained from one or more of an existing electronic form, manual entry by a user, and a third party application interface.
 6. The system of claim 1, wherein the data storage server is configured to store each of the plurality of sections in a separate storage location.
 7. The system of claim 1, wherein the data storage server is further configured to store each encryption key used to encrypt each of the plurality of sections.
 8. A method of securely storing user information from a user profile, comprising: creating, with a profile creation unit, the user profile comprising user information, the user information including user identifiable information and other information, to be stored in data storage comprising a plurality of storage locations, wherein the user information includes a plurality of fields and a plurality of values corresponding to the plurality of fields; dissociating, with a logic application server, the user profile from sections of a file that include other information, disassembling, with a logic application server, the user profile into a plurality of separate pieces of identity information; individually encrypting, with the logic application server, each of the plurality of separate pieces of identity information comprising the user profile using a separate encryption key for each of the separate pieces of identity information; and distributing, with a data storage server, each of the plurality of individually encrypted pieces of identity information for separate storage among the plurality of storage locations.
 9. The method of claim 8, wherein each of at least some of the plurality of fields comprises one of a user identity, a user financial information, a user password, a user address, and a user identification number.
 10. The method of claim 8, wherein: at least some of the plurality of sections comprising the user information include the plurality of values comprising the user information; and at least some of the plurality of sections comprise the corresponding fields comprising the user information.
 11. The method of claim 8, wherein: at least some of the plurality of sections comprising the user information include at least some of the plurality of values and at least some of the plurality of fields corresponding to the plurality of values.
 12. The method of claim 8, wherein each of the plurality of sections is stored in a separate storage location.
 13. The method of claim 8, further comprising storing each encryption key used to encrypt each of the plurality of sections. 